Generally, within the video lottery field, systems have been provided in which electronic gaming machines are stationed at casinos, bars, restaurants, etc. (hereafter referred to as "points of sale" or "gaming sites"). These gaming machines (hereafter referred to as "video lottery terminals" or "VLTs") allow a user to play one or more games such as keno, black jack, slot machines, draw poker, etc. Before playing, the user "places a bet," for instance, by physically inserting dollar bills into an automatic money collector within the video lottery terminal (VLT). The VLT identifies the inserted money as a $1.00, $5.00, $10.00, etc., and accordingly credits the player's account at that terminal.
When a player chooses to redeem the account, the VLT issues a printed ticket containing an authorization number uniquely identifying the ticket and the amount of the cash payout. The VLT creates each authorization number by simply incrementing a previous authorization number which corresponded to a preceding game. The player presents the winning ticket to a clerk or bartender who redeems it for the printed cash payout amount. However, these systems provide little assurance of the ticket's validity.
In the past, systems have been proposed in which multiple VLTs (possibly several hundred) are set up at a particular casino. A group of VLTs (approximately 10) are serially connected to a site controller SC, a video management terminal VMT or a clerk validation terminal CVT (hereafter referred to as "local control terminals"). The local control terminal stores information concerning each cash ticket printed at a VLT, including the authorization number, VLT identification number and cash payout amount. The local control terminal is also connected, via a modem and a conventional telephone network, to a central computer which controls operation of the overall lottery system.
Each time a VLT issues a ticket to a player, it sends the information contained upon the ticket to the local control terminal connected thereto for recordation. Upon request, the local control terminal displays this information to the clerk. When each cash ticket is presented, the clerk compares the authorization number on the ticket with the corresponding stored authorization number. If these numbers match, the presented ticket is deemed valid and the winnings are paid out by the clerk.
However, this conventional system has several drawbacks. Specifically, each local control terminal only maintains, and has access to, information concerning the VLTs connected thereto. Thus, a player must present each winning ticket to the clerk at, and only at, the local control terminal connected to the VLT that issued the ticket. This presentment limitation inconveniences ticket holders since a single casino may include more than one local control terminal. The player may become confused and attempt to present the ticket to the wrong clerk, or, similarly, a clerk may have to wait for the proper local control terminal to be available.
Further, conventional systems do not provide adequate security since "hackers" may easily interject false information onto the communication line between the VLTs and the local control terminal. These hackers may simulate a VLT transmission and convey false ticket information to the local control terminal alleging that a VLT has printed a cash ticket. Conventional systems are susceptible to this type of fraud since these systems allow the VLT to inform the local control terminal of both the cash payout and the corresponding authorization number. Further, this type of fraud is facilitated by the fact that the VLTs use sequential authorization numbers that are easily anticipated.
An alternative system has been proposed in which the VLT requests the validation number from the local control terminal. However, in this alternative system, if the requested number is delayed or not successfully communicated to the VLT, then the VLT is allowed to generate its own authorization number and print a ticket. In this instance, the VLT subsequently sends this self-generated authorization number and the cash payout to the local control terminal. Thus, even in this alternative system a hacker can simulate a VLT and still generate valid tickets by always sending a self-generated authorization number to the local control terminal, ignoring the requesting process.
Another system has been proposed in which communications between the VLT and local control terminal have been encrypted for security purposes. The encrypted communications are decrypted with an encryption key stored in the VLT. During start-up, a universal encryption key is broadcast over the communication's lines and used, throughout operation, by every VLT. However, this encryption scheme is easily broken since any hacker may obtain the encryption key if they are "listening" during this start up broadcast and if they know the communications protocol. Also, once the hacker learns the encryption key that key is valid for all subsequent communications for all VLTs. The encryption scheme remains simple since the protocol used for communications between the VLTs and local control terminal is unable to support a more complex encryption scheme. Therefore, the encryption technic used within this conventional system is easily broken.